Exploring Opportunities: Containers and OpenStack


Post on 10-Feb-2017


  • OPENSTACK WHITE PAPER

    Exploring Opportunities: Containers and OpenStack

    www.openstack.org

    This work is licensed under the Creative Commons Attribution-NoDerivatives 4.0 International License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nd/4.0/

    2015

    Contributors:
    Kathy Cacciatore, Consulting Marketing Manager, OpenStack Foundation
    Paul Czarkowski, Cloud Engineer, Blue Box, An IBM Company
    Steven Dake, Kolla Project Technical Lead (PTL), Principal Engineer - OpenStack, Cisco Systems, Inc.
    John Garbutt, Nova PTL, Principal Engineer, Rackspace
    Boyd Hemphill, Technology Evangelist, StackEngine
    John Jainschigg, Technology Solutions Marketing, Mirantis Inc.
    Andre Moruga, Director of Program Management/Server Virtualization, Odin
    Adrian Otto, Magnum PTL, Distinguished Architect, Rackspace
    Craig Peters, Director of Product Management, Mirantis Inc.
    Brian E. Whitaker, Founder, Zettabyte Content LLC

    Executive Summary

    "The important thing for us as a community is to think about OpenStack as an integration engine that's agnostic," Collier said. "That puts users in the best position for success. Just like we didn't reinvent the wheel when it comes to compute, storage and networking, we'll do the same with containers."
    - Mark Collier, COO, OpenStack Foundation

    Containers are certainly a hot topic. The OpenStack User Survey indicates over half of the respondents are interested in containers in conjunction with their OpenStack clouds for production uses. Thanks to new open source initiatives, primarily Docker, containers have gained significant popularity lately among Developer and Ops communities alike.

    The Linux kernel has supported containers for several years, and now even Microsoft Windows is following suit. However, container use in the enterprise remains an emerging opportunity since standards are still being formed, the toolset ecosystem around containers is relatively new, and ROI is uncertain.

    Containers are an evolving technology and OpenStack is evolving to support them, just as it has supported other emerging technologies in the past. Rather than create new vertical silos to manage containers in their data centers, IT organizations find value in OpenStack providing a cross-platform API to manage virtual machines, containers and bare metal.

    Trevor Pott, writing for The Register, provides perspective.

    "OpenStack is not a cloud. It is not a project or a product. It is not a virtualization system or an API or a user interface or a set of standards. OpenStack is all of these things and more: it is a framework for doing IT infrastructure - all IT infrastructure - in as interchangeable and interoperable a way as we are ever likely to know how." 1

    Container support is just another example of the basic value proposition for OpenStack - that by utilizing OpenStack as the foundation of a cloud strategy, you can add in new, even experimental technologies, and then deploy them to production when the time is right, all with one underlying cloud infrastructure - without compromising multi-tenant security and isolation, management and monitoring, storage and networking and more.

    In order to support accelerating interest in containers and highlight opportunities, this paper offers readers a comprehensive understanding of containers and container management in the context of OpenStack. This paper will describe how various services related to containers are being developed as first-class resources in current and upcoming releases of OpenStack.

    1 http://www.theregister.co.uk/2015/07/09/openstack_overview/

    What are containers?

    Containers are isolated, portable environments where you can run applications along with all the libraries and dependencies they need. Containers aren't virtual machines. In some ways they are similar, but there are even more ways that they are different. Like virtual machines, containers share system resources for access to compute, networking, and storage. They are different because all containers on the same host share the same OS kernel, and keep applications, runtimes, and various other services separated from each other using kernel features known as namespaces and cgroups. Docker added the concept of a container image, which allows containers to be used on any host with a modern Linux kernel. Soon Windows applications will enjoy the same portability among Windows hosts as well. The container image allows for much more rapid deployment of applications than if they were packaged in a virtual machine image.


    Figure 1: Containers vs. VMs


    Containers offer deployment speed advantages over virtual machines because they're smaller - megabytes instead of gigabytes. Typical application containers can be started in seconds, whereas virtual machines often take minutes. Containers also allow direct access to device drivers through the kernel, which makes I/O operations faster than with a hypervisor approach where those operations must be virtualized. Even in environments with hundreds or thousands of containers, this speed advantage can be significant and contributes to overall responsiveness - new workloads can be brought online quickly and make boot storms become a thing of the past.

    Containers create a proliferation of compute units, and without robust monitoring, management, and orchestration, IT administrators will be coping with container sprawl, where containers are left running, mislocated or forgotten. As a result, some third-party ecosystem tools have become so synonymous with containers that they need to be mentioned in the context of OpenStack.

    The three most common are Docker Swarm, Kubernetes, and Mesos.

    Docker2 popularized the idea of the container image. They provide a straightforward way for developers to package an application and its dependencies in a container image that can run on any modern Linux, and soon Windows, server. Docker also has additional tools for container deployments, including Docker Machine, Docker Compose, and Docker Swarm. At the highest level, Machine makes it easy to spin up Docker hosts, Compose makes it easier to deploy complex distributed apps on Docker, and Swarm enables native clustering for Docker.

    Kubernetes3 (originally by Google, now contributed to the Cloud Native Computing Foundation4) is an open source orchestration system for Docker containers. It handles scheduling onto nodes in a compute cluster and actively manages workloads to ensure that their state matches the user's declared intentions.

    Apache Mesos5 can be used to deploy and manage application containers in large-scale clustered environments. It allows developers to conceptualize their applications as jobs and tasks. Mesos, in combination with a job system like Marathon, takes care of scheduling and running jobs and tasks.

    OpenStack refers to these three options as Container Orchestration Engines (COE). All three of these COE systems are supported in OpenStack Magnum, the containers service for OpenStack, that allows your choice of COE to be automatically provisioned in a collection of compute instances where your containers are run.

    Today, containers are being used for two major purposes.

    An entire system - operating system, applications, services, etc. - can exist inside a container. These are called, appropriately enough, system or OS containers. System container use cases are effectively similar to those of virtual machines.

    However, application containers are different. Containers are a way of bundling and running applications in a more portable way. They can be used to break down and isolate parts of applications, called microservices, which allow for more granular scaling, simplified management, superior security configurations, and solving a class of problems previously addressed with configuration management (CM) tools. They are not a replacement for virtualization or CM.

    A developer can put an application or service inside a container, along with the runtime requisites and services the application requires, without having to include a full operating system. This allows container images to be small, usually just a few megabytes in size compared to virtual machine images which can be orders of magnitude larger.

    Containers have been around for years, but they didn't become popular until various vendors started defining container images. Conceptually a container image can be thought of as a snapshot of a container's filesystem that can be stored on disk. The container filesystem is arranged in layers, like how a series of commits are arranged in a git repository. This allows the container image to indicate which parent image it is derived from, allowing it to be very small by comparison. All it needs are the bits that are different from its parent. This is why they can be so much smaller. Container images allow tools like Docker to simplify container creation and deployment, using a single command to launch the app with all its requisites. The concept of the container image, and the layering features associated with that concept, was really the missing piece needed to bring containers to the mainstream.
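
    The layering described above, as an added example (not code from the white paper or from Docker): a toy Python model in which each layer names its parent and stores only its own diff. The `Layer` class, paths and contents are constructed for illustration; the example goes one step beyond the text by showing that a file removed in a later layer is still stored in the parent layer, which matters when reviewing images for leftover credentials.

```python
# Toy model of layered container images; all data below is constructed.
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Layer:
    name: str
    parent: Optional["Layer"] = None
    files: dict = field(default_factory=dict)   # path -> bytes added/changed here
    removed: set = field(default_factory=set)   # parent paths hidden by this layer

    def chain(self):
        """Layers from the base image down to this one, like a commit history."""
        layer, out = self, []
        while layer is not None:
            out.append(layer)
            layer = layer.parent
        return out[::-1]

def effective_fs(image):
    """Filesystem a container started from `image` sees: apply each diff in order."""
    fs = {}
    for layer in image.chain():
        for path in layer.removed:
            fs.pop(path, None)
        fs.update(layer.files)
    return fs

def own_size(layer):
    """Bytes this layer adds on top of its parent."""
    return sum(len(data) for data in layer.files.values())

def hidden_but_stored(image):
    """Paths absent from the final filesystem but still stored in some layer."""
    visible = set(effective_fs(image))
    stored = {path for layer in image.chain() for path in layer.files}
    return sorted(stored - visible)

# Constructed sample: base OS layer, runtime layer, application layer.
base = Layer("base", files={"/bin/sh": b"x" * 4096, "/etc/os-release": b"ID=demo\n"})
runtime = Layer("runtime", base, files={"/usr/bin/python": b"x" * 8192,
                                        "/root/.build-token": b"constructed-secret"})
app = Layer("app", runtime, files={"/app/main.py": b"print('hi')\n"},
            removed={"/root/.build-token"})

if __name__ == "__main__":
    print(sorted(effective_fs(app)))
    print(own_size(app), "bytes in the app layer,",
          sum(own_size(l) for l in app.chain()), "bytes across all layers")
    print("still stored in a parent layer:", hidden_but_stored(app))
```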

    Administrators and developers are interested in containers for two major reasons.

    1. Application containers, compared with virtual machines, are very lightweight, minimizing compute, storage, and bandwidth requirements. Since multiple containers leverage the same kernel (Linux today, with Windows soon), containers can be smaller and may require less processing, RAM, and storage than virtual machines because they can be used without any hardware virtualization. They allow more dynamic systems than virtual machines allow, because the chunks of data that need to be moved around to use containers are so much smaller than virtual machine images.

    2. The other advantage is that containers are portable, effectively running on any hardware that runs the relevant operating system. That means developers can run a container on a workstation, create an app in that container, save it in a container image, and then deploy the app on any virtual or physical server running the same operating system - and expect the application to work.

    It's worth mentioning that the container ecosystem, even for companies like Docker, remains a work in progress. For example, a fundamental standard for container images is under development. In June 2015, 21 companies formed the Open Container Initiative6 to address this issue. Docker is donating its container format and runtime, runC, to the OCI to serve as the cornerstone of this new effort. As container technology matures, a fundamental goal for ongoing OpenStack development is to ensure that tools like Docker, Kubernetes and Mesos work well within OpenStack. OpenStack, as a fundamental framework for IT infrastructure, remains hardware and software agnostic so it can manage everything.
